Tuesday, December 10, 2019

Integrated Anomaly Detection Cyber Security -Myassignmenthelp.Com

Question: Discuss integrated anomaly detection for cyber security.

Answer:

Introduction

...corporate organizations, so these need to be mitigated accordingly. Risk assessment should be based on the threats, vulnerabilities and consequences derived from the IT control framework. The IT control framework consists of three elements: objectives, requirements and actual performance, which are compared with each other to find the gaps that must be resolved. With the help of the IT control framework the exposures of Gigantic Corporation can be addressed properly. The steps for assessing risk under this framework are system characterisation, threat identification, control environment analysis and risk rating. The entire operating and functional structure of the company faces challenges because of a lack of security approaches (Buczak & Guven, 2016). To gain competitive advantage and more consumers, the company needs to identify and assess its risks, and once the risks have been identified and analysed, respective control strategies must be adopted by the corporation. Six steps are widely used by companies to assess the risks they have identified (Gordon et al., 2015). The company faces risks in its supply chain, its customer relationships and its existing data storage system. The identified risks of Gigantic Corporation are as follows.

Risks in the supply chain: The physical supply chain of the company may face numerous risks, and the cyber supply chain plays an equally important role. When equipment is delivered through the supply chain, cyber security risks arise at each phase of its lifecycle (Liu et al., 2015). If a risk is only identified after the equipment has been delivered, it is difficult to trace which party is responsible.
The insertion of malicious code into hardware and software, typically via a Trojan, is currently a leading attack technique serving external attackers. Other types of hardware attack include the following:
- Protected memory may be accessed by unauthorised users.
- Hardware tampering may occur during invasive operations (Bonaci et al., 2015).
- Hidden methods inserted into a device can bypass the normal authentication mechanism, so that it no longer protects the system application.
- Manufacturing backdoors may be created for malware and other penetration purposes.
All of the hardware attacks and cyber threats above may apply to different devices or systems, such as:
- the network system used by the corporation;
- the banking or accounting system used by the company;
- the surveillance system used by the company;
- the industrial control system used by the company;
- the communication infrastructure of the devices.
If the company fails to cover the cyber security basics, common vulnerabilities and cyber attacks become far more dangerous. Because of a lack of technical expertise and security alerting, attackers can target the company's servers with a range of attacks (Hong, Liu & Govindarasu, 2014). It is the company's responsibility to select the most suitable risk mitigation approaches to resolve these issues. When characterising the systems used by the company, threat and risk assessment working guides help to grade each system; the two terms on which the assessments are generally based are severity and exposure. The further threats and vulnerabilities that Gigantic Corporation might face are elaborated below.
Malware: Malware is an all-encompassing term covering various cyber threats, including Trojans, viruses and worms. It is code intended to steal confidential stored data, and it can also destroy data stored on computers (Carr, 2016). Infection commonly follows a user downloading an attachment or clicking a link sent by an unknown sender; it is also more likely if the company's firewalls and endpoint protection are not kept up to date.

Phishing: Phishing attacks arrive through emails and links from unknown senders. The attacker himself requests data, and without proper awareness on the user's side that data may be misused or hijacked (Cavelty, 2014). Phishing emails include links that direct users to a dummy site that steals their personal data.

Password attack: If the passwords used by the company are not strong enough, they can easily be recovered by attackers, and the data stored on the company's servers is then exposed to unauthenticated users. It is the users' responsibility to secure their accounts with strong passwords, and the company's responsibility to store them as salted hashes that are expensive to brute-force, to avoid external attacks.

Denial of Service (DoS): A DoS attack disrupts the services of the network used by the corporation. It is carried out by sending a huge volume of data or connection requests through the network channel; if the server accepts every request, its resources are exhausted and legitimate users are denied service (Buczak & Guven, 2016). There are several ways to achieve a DoS, but the most common form is the Distributed Denial of Service (DDoS) attack, which comes from many sources at once and is therefore difficult to detect and block in its initial phase.
Spoofing attack: A spoofing attack is one in which the attacker impersonates another party in order to deceive a system or an individual; it is widely employed by cyber scammers and external hijackers. Two types of spoofing that could compromise the corporation's cyber security are IP spoofing and ARP spoofing (Ben-Asher & Gonzalez, 2015). These attacks are initiated by the spoofer from an unknown source as an unauthenticated user, and they take place while data is in transit from sender to receiver.

Risk Mitigation and its Impact

To mitigate the risks analysed for the development of the cyber security solution for Gigantic Corporation, a network security plan should be developed and the vulnerability of the system analysed. The network security threats are ranked by their level of impact on the organisation's current business processes, and a risk mitigation plan is prepared on that basis. Loss of confidentiality and integrity of the organisation's resources has a severe impact on its growth, so the servers installed in the network must be configured according to business policy and proper antivirus or anti-spyware software must be installed on them to identify malicious code that attackers could use to control the network (Hall, 2016). Attackers can use malicious code to access important information from the organisational servers, such as employee records and other sensitive information, to fool users, and to launch distributed denial of service attacks that make network resources unavailable to connected users. A strong authentication mechanism should be applied to identify the users of the system. Usernames and passwords must be formed so that they cannot easily be cracked by attackers (Eugene Jennex, 2014).
Passwords should be long and combine alphanumeric and special characters so that they cannot be cracked by brute force; since the attacker's cost is set by password length and by how slowly the server hashes each guess, length and a slow salted hash matter more than any single character class. Remote connections to the network should be secured with a firewall configured to block unauthorised requests from unknown sources. There is a risk of a drop in network performance as demand for network resources grows; this causes delay and can lead to loss of data. These risks have a medium impact on the organisation's performance and can prevent users from reaching core elements of the network. They can also cause failure of the organisation's network hardware and software. There is a risk of sabotage, which can be mitigated by correct configuration of the routers and servers installed in the network (Jennex & Durcikova, 2013). Services running unnecessarily on the network, such as SNMP, Telnet and FTP, should be stopped so that attackers do not find a way to intrude; where remote management or file transfer is genuinely needed, Telnet should be replaced by SSH and FTP by SFTP. Organisational assets should be secured with passwords and authentication so that remote users cannot reach core components. Dropped packets can corrupt information, so packet loss should be avoided to improve network performance (Haimes, 2015). Penetration testing should be performed by a group of friendly testers so that flaws in the current information system and in the organisation are identified. Once open ports and network vulnerabilities have been identified, the network should be configured to block the open ports and stop the unnecessary services, eliminating the vulnerabilities and securing the network from external agents.
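The password guidance above, as an added example that is not part of the original page: a policy check plus salted, deliberately slow hashing, so that a stolen credential database cannot be brute-forced cheaply. The minimum length, the character-class rule, the denylist and the PBKDF2 work factor are assumptions of this example, not figures from the page.

```python
"""Password policy check and brute-force-resistant storage.

Added example (not from the page). Assumed policy: at least 12 characters,
three of the four character classes, and not on a small constructed denylist.
Storage uses salted PBKDF2-HMAC-SHA256 with 600,000 iterations (an assumed
work factor) so that each offline guess costs the attacker about as much as a
login costs the server.
"""
import hashlib
import hmac
import os
import string
from typing import List, Optional

MIN_LENGTH = 12
PBKDF2_ITERATIONS = 600_000
# Constructed denylist; a real deployment would check a breached-password feed.
COMMON_PASSWORDS = {"password", "password123", "welcome1", "letmein", "qwerty123"}


def check_policy(password: str) -> List[str]:
    """Return the list of policy violations; an empty list means the password is acceptable."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    classes = [
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    ]
    if sum(classes) < 3:
        problems.append("uses fewer than three of lower/upper/digit/symbol")
    if password.lower() in COMMON_PASSWORDS:
        problems.append("appears on the common-password denylist")
    return problems


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Derive a salted hash and encode it as 'pbkdf2_sha256$<iterations>$<salt>$<digest>'."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and iteration count; compare in constant time."""
    try:
        algo, iterations, salt_hex, digest_hex = stored.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


if __name__ == "__main__":
    candidate = "Tr0ub4dor&3-correct"          # constructed sample password
    print("policy problems:", check_policy("password123"))
    record = hash_password(candidate)
    print("stored:", record)
    print("login ok:", verify_password(candidate, record))
```

The iteration count is what makes the difference against an offline brute-force attack: the complexity rule only strips out the weakest guesses, whereas the slow hash multiplies the cost of every guess, and the per-user salt prevents one precomputed table from covering the whole user base. The constant-time comparison avoids leaking, byte by byte, how much of a candidate hash was correct.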
There is a risk of link failure in the network, which has a negative impact, so redundant links must be created such that every part of the network can be reached by multiple paths. This increases the availability of network resources: if a link between the source and the destination is broken, the redundant link carries the data packets and maintains communication between nodes at different locations (Bahr, 2014). The software and operating systems on the servers should be updated and patched so that they remain secure. The risk of financial loss caused by accidents and by the actions of employees of the organisation can be mitigated by installing IPS and IDS systems in the network and monitoring current usage of network resources (Curran, Berry & Sangsuk, 2014). The servers must be equipped with a network monitoring tool so that the network administrator can monitor the flow of data and manage the connected network components. Server loads can also be analysed in order to balance them, mitigating the risk of server overload and of the data on the servers becoming unavailable. For user management, users should be grouped and their usage patterns identified to make management easier (García-Herrero et al., 2013). The network monitoring tool should be configured according to that usage, and it should generate a notification to the network administrator whenever a network change or an abnormality in the data traffic is noted. The routers, switches, servers and other core components of the network should be installed in a separate room that normal users are not permitted to enter, mitigating the risk from physical access.
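The monitoring tool described above is expected to alert on abnormal traffic, and the mitigation plan earlier asks for SNMP, Telnet and FTP to be switched off. The following added example (not code from the page or from any product it cites) shows both checks running over constructed firewall log lines: a median-based baseline for connection bursts from one source, a distinct-port count for scans, and a policy rule for accepted connections to the disallowed services. The log format, the IP addresses and the thresholds are made up for the example and would need tuning against real traffic.

```python
"""Baseline-plus-rule anomaly detection over firewall log lines.

Added example (not from the page). The log format is constructed for this
example: '<ISO timestamp> src=<ip> dst=<ip> dport=<port> action=<accept|drop>'.
Three detections are implemented: (1) a connection-rate burst from one source
within one minute, judged against the median of all source/minute buckets;
(2) a port scan, one source touching many distinct ports; (3) accepted
connections to services the mitigation plan says should be switched off
(FTP, Telnet, SNMP). Thresholds are assumptions.
"""
import re
import statistics
from collections import Counter, defaultdict
from datetime import datetime

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+) action=(?P<action>\w+)$"
)
DISALLOWED_SERVICES = {21: "FTP", 23: "TELNET", 161: "SNMP"}
SCAN_PORT_THRESHOLD = 10     # distinct destination ports from one source
BURST_FACTOR = 10            # a bucket this many times the median is a burst...
BURST_FLOOR = 20             # ...but never flag fewer connections than this


def parse(lines):
    """Parse log lines into dicts; unparseable lines are skipped rather than fatal."""
    events = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        d = m.groupdict()
        events.append({
            "ts": datetime.fromisoformat(d["ts"]),
            "src": d["src"], "dst": d["dst"],
            "dport": int(d["dport"]), "action": d["action"],
        })
    return events


def detect(lines):
    """Return a list of (kind, source_ip, detail) alerts for the given log lines."""
    events = parse(lines)
    alerts = []
    per_bucket = Counter()            # (src, minute) -> connection count
    ports_by_src = defaultdict(set)   # src -> distinct destination ports
    for e in events:
        per_bucket[(e["src"], e["ts"].replace(second=0, microsecond=0))] += 1
        ports_by_src[e["src"]].add(e["dport"])
        if e["action"] == "accept" and e["dport"] in DISALLOWED_SERVICES:
            name = DISALLOWED_SERVICES[e["dport"]]
            alerts.append(("disallowed_service", e["src"],
                           f"{name}/{e['dport']} accepted to {e['dst']}"))
    # Median rather than mean: a single flooder would otherwise drag the
    # baseline up far enough to mask itself.
    if per_bucket:
        median = statistics.median(per_bucket.values())
        threshold = max(BURST_FLOOR, BURST_FACTOR * median)
        for (src, minute), n in per_bucket.items():
            if n > threshold:
                alerts.append(("rate_burst", src,
                               f"{n} connections in minute {minute:%H:%M} (threshold {threshold:.0f})"))
    for src, ports in ports_by_src.items():
        if len(ports) >= SCAN_PORT_THRESHOLD:
            alerts.append(("port_scan", src, f"{len(ports)} distinct destination ports"))
    return alerts


def sample_log():
    """Constructed sample: five quiet hosts, one flooder, one scanner, one Telnet login."""
    lines = []
    for i, src in enumerate(["10.0.0.11", "10.0.0.12", "10.0.0.13", "10.0.0.14", "10.0.0.15"]):
        for s in range(3):
            lines.append(f"2019-12-10T10:0{i}:{s:02d} src={src} dst=10.0.1.2 dport=443 action=accept")
    for s in range(60):                       # 60 hits inside one minute from one host
        lines.append(f"2019-12-10T10:07:{s:02d} src=203.0.113.9 dst=10.0.1.2 dport=80 action=accept")
    for p in range(20, 35):                   # one host probing 15 ports, all dropped
        lines.append(f"2019-12-10T10:08:00 src=198.51.100.7 dst=10.0.1.2 dport={p} action=drop")
    lines.append("2019-12-10T10:09:00 src=10.0.0.20 dst=10.0.1.5 dport=23 action=accept")
    lines.append("this line is deliberately malformed")
    return lines


if __name__ == "__main__":
    for kind, src, detail in detect(sample_log()):
        print(f"{kind:<19} {src:<14} {detail}")
```

On the sample, the flooder trips the rate rule, the scanner trips the port rule without tripping the rate rule, and only the accepted Telnet session is reported as a disallowed service (the scanner's dropped probes of ports 21 and 23 are not, because the firewall already did its job). In production the same logic would run per time window on a stream rather than over a whole file.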
The risk of malware can be reduced by training users to avoid installing unknown software applications and downloading attachments from unknown sources. The routers in the network should also be configured with access control lists so that ordinary users cannot reach the core servers (Chemweno et al., 2015). Requests coming from different sources should be verified, and an internal mail server should be configured to mitigate the risk of phishing attacks and to let users communicate with each other over the organisation's intranet. A data recovery and backup plan must be created to handle emergencies, and data should be backed up at regular intervals so that, if the security of the network is compromised, the backup servers can be used to retrieve the information (Eugene Jennex, 2014). Backups should be stored at a remote location; a cloud solution can also be deployed for remote storage, provided the backup copies are kept isolated from the production network so that a compromise cannot reach them.

Literature Review

It is identified that, in order to protect a website from cyber security issues, some significant steps must be followed. According to Matthews (2017), the company needs to keep itself up to date in order to avoid issues associated with cyber security. If the company has proper knowledge of the likely security risks, the website can be protected against them. The company should follow updates on various tech sites and use that information as a fresh precaution for protecting the website. Goud (2017) states that computer users in the office generally provide an easy access route to the web servers, so it is necessary to use stronger passwords and to scan all devices for the various types of malware.
It is also necessary to install proper security applications in order to secure the website from various cyber security issues. Deshpande, Nair and Shah (2017) state that installing security applications, including free plugins that hide the website's CMS, provides an additional level of protection; by doing this the company becomes more resilient against the automated hacking tools that scour the web, although hiding the CMS is only an obstacle and not a substitute for patching it. According to Wolters and Jansen (2017), the company should use a robots.txt file to discourage search engines from indexing admin pages. A caveat applies: robots.txt is itself public and is only a hint to well-behaved crawlers, so listing admin paths in it advertises them to attackers; the admin pages must still be protected by authentication. In addition, websites face a number of concerns due to file uploads. Uploaded files can carry bugs and malicious code and allow a hacker to gain access to unlimited data from the website (Kessler, Dardick & Holton, 2017). One of the best ways to avoid this problem is to prevent direct access to any uploaded file: the files should be stored outside the web root directory and read back through a proper script whenever access is necessary. Fowler et al. (2017) state that using the encrypted SSL/TLS protocol to transfer personal information and data between the database and the website is a significant step, as it prevents the information being read or altered in transit without authorisation. Furthermore, a proper backup system must be in place so that when a hard disk drive fails the data can easily be recovered from the backup. Another important step in securing the website from security issues is to use a proper web application firewall.
Majhi (2015) states that a web application firewall sits between the website's server and the data connection and reads every request passing through it. Once the application firewall is installed it helps to block common hacking attempts and to filter out unwanted traffic such as spammers and malicious bots; it does not, however, remove the underlying vulnerability, which must still be fixed in the application itself.

References

Bahr, N. J. (2014). System safety engineering and risk assessment: a practical approach. CRC Press.
Ben-Asher, N., & Gonzalez, C. (2015). Effects of cyber security knowledge on attack detection. Computers in Human Behavior, 48, 51-61.
Bonaci, T., Herron, J., Yusuf, T., Yan, J., Kohno, T., & Chizeck, H. J. (2015). To make a robot secure: An experimental analysis of cyber security threats against teleoperated surgical robots. arXiv preprint arXiv:1504.04339.
Buczak, A. L., & Guven, E. (2016). A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys & Tutorials, 18(2), 1153-1176.
Carr, M. (2016). Public-private partnerships in national cyber-security strategies. International Affairs, 92(1), 43-62.
Cavelty, M. D. (2014). Breaking the cyber-security dilemma: Aligning security needs and removing vulnerabilities. Science and Engineering Ethics, 20(3), 701-715.
Chemweno, P., Pintelon, L., Van Horenbeek, A., & Muchiri, P. (2015). Development of a risk assessment selection methodology for asset maintenance decision making: An analytic network process (ANP) approach. International Journal of Production Economics, 170, 663-676.
Curran, J., Berry, K., & Sangsuk, K. (2014). Organizational Network Analysis of Organizations that Serve Men Who Have Sex with Men and Transgender People in Chiang Mai, Thailand.
Deshpande, V. M., Nair, D. M. K., & Shah, D. (2017). Major Web Application Threats for Data Privacy & Security: Detection, Analysis and Mitigation Strategies. Under review in International Journal of Scientific Research in Science and Technology, print ISSN 2395-6011.
Eugene Jennex, M. (2014). A proposed method for assessing knowledge loss risk with departing personnel. VINE: The Journal of Information and Knowledge Management Systems, 44(2), 185-209.
Fowler, S., Sweetman, C., Ravindran, S., Joiner, K. F., & Sitnikova, E. (2017). Developing cyber-security policies that penetrate Australian defence acquisitions. Australian Defence Force Journal, (202), 17.
García-Herrero, S., Mariscal, M. A., Gutiérrez, J. M., & Toca-Otero, A. (2013). Bayesian network analysis of safety culture and organizational culture in a nuclear power plant. Safety Science, 53, 82-95.
Gordon, L. A., Loeb, M. P., Lucyshyn, W., & Zhou, L. (2015). Externalities and the magnitude of cyber security underinvestment by private sector firms: a modification of the Gordon-Loeb model. Journal of Information Security, 6(1), 24.
Goud, N. S. (2017). Analysis of Machine Learning Algorithms to Protect from Phishing in Web Data Mining. International Journal of Computer Applications, 159(1).
Haimes, Y. Y. (2015). Risk modeling, assessment, and management. John Wiley & Sons.
Hall, J. L. (2016). Columbia and Challenger: organizational failure at NASA. Space Policy, 37, 127-133.
Hong, J., Liu, C. C., & Govindarasu, M. (2014). Integrated anomaly detection for cyber security of the substations. IEEE Transactions on Smart Grid, 5(4), 1643-1653.
Jennex, M. E., & Durcikova, A. (2013, January). Assessing knowledge loss risk. In System Sciences (HICSS), 2013 46th Hawaii International Conference on (pp. 3478-3487). IEEE.
Kessler, G., Dardick, G., & Holton, D. (2017, January). Using Journals to Assess Non-STEM Student Learning in STEM Courses: A Case Study in Cybersecurity Education. In Proceedings of the 50th Hawaii International Conference on System Sciences.
Liu, Y., Sarabi, A., Zhang, J., Naghizadeh, P., Karir, M., Bailey, M., & Liu, M. (2015, August). Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents. In USENIX Security Symposium (pp. 1009-1024).
Majhi, S. K. (2015). Cybersecurity Issues and Challenges: A view. International Journal of Global Research in Computer Science (UGC Approved Journal), 6(1), 01-08.
Matthews, C. (2017). Real protection for virtual borders. Public Sector, 40(3), 9.
Wolters, P. T. J., & Jansen, C. J. H. (2017). Every business has duties of care in the field of cyber security. Cyber security guide for businesses.
